Weekend Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: xmas50

GAQM CEH-001 - Certified Ethical Hacker (CEH)

GAQM CEH-001 Premium Access     Download Demo    
Page: 10 / 14
Total 878 questions

Lori is a Certified Ethical Hacker as well as a Certified Hacking Forensics Investigator working as an IT security consultant. Lori has been hired on by Kiley Innovators, a large marketing firm that recently underwent a string of thefts and corporate espionage incidents. Lori is told that a rival marketing company came out with an exact duplicate product right before Kiley Innovators was about to release it. The executive team believes that an employee is leaking information to the rival company. Lori questions all employees, reviews server logs, and firewall logs; after which she finds nothing. Lori is then given permission to search through the corporate email system. She searches by email being sent to and sent from the rival marketing company.

She finds one employee that appears to be sending very large email to this other marketing company, even though they should have no reason to be communicating with them. Lori tracks down the actual emails sent and upon opening them, only finds picture files attached to them. These files seem perfectly harmless, usually containing some kind of joke. Lori decides to use some special software to further examine the pictures and finds that each one had hidden text that was stored in each picture.

What technique was used by the Kiley Innovators employee to send information to the rival marketing company?

A.

The Kiley Innovators employee used cryptography to hide the information in the emails sent

B.

The method used by the employee to hide the information was logical watermarking

C.

The employee used steganography to hide information in the picture attachments

D.

By using the pictures to hide information, the employee utilized picture fuzzing

Jason works in the sales and marketing department for a very large advertising agency located in Atlanta. Jason is working on a very important marketing campaign for his company's largest client. Before the project could be completed and implemented, a competing advertising company comes out with the exact same marketing materials and advertising, thus rendering all the work done for Jason's client unusable. Jason is questioned about this and says he has no idea how all the material ended up in the hands of a competitor.

Without any proof, Jason's company cannot do anything except move on. After working on another high profile client for about a month, all the marketing and sales material again ends up in the hands of another competitor and is released to the public before Jason's company can finish the project. Once again, Jason says that he had nothing to do with it and does not know how this could have happened. Jason is given leave with pay until they can figure out what is going on.

Jason's supervisor decides to go through his email and finds a number of emails that were sent to the competitors that ended up with the marketing material. The only items in the emails were attached jpg files, but nothing else. Jason's supervisor opens the picture files, but cannot find anything out of the ordinary with them.

What technique has Jason most likely used?

A.

Stealth Rootkit Technique

B.

ADS Streams Technique

C.

Snow Hiding Technique

D.

Image Steganography Technique

Which type of hacker represents the highest risk to your network?

A.

black hat hackers

B.

grey hat hackers

C.

disgruntled employees

D.

script kiddies

Joel and her team have been going through tons of garbage, recycled paper, and other rubbish in order to find some information about the target they are attempting to penetrate. How would you call this type of activity?

A.

Dumpster Diving

B.

Scanning

C.

CI Gathering

D.

Garbage Scooping

Bob waits near a secured door, holding a box. He waits until an employee walks up to the secured door and uses the special card in order to access the restricted area of the target company. Just as the employee opens the door, Bob walks up to the employee (still holding the box) and asks the employee to hold the door open so that he can enter. What is the best way to undermine the social engineering activity of tailgating?

A.

Issue special cards to access secure doors at the company and provide a one-time only brief description of use of the special card

B.

Educate and enforce physical security policies of the company to all the employees on a regular basis

C.

Setup a mock video camera next to the special card reader adjacent to the secure door

D.

Post a sign that states, "no tailgating" next to the special card reader adjacent to the secure door

This IDS defeating technique works by splitting a datagram (or packet) into multiple fragments and the IDS will not spot the true nature of the fully assembled datagram. The datagram is not reassembled until it reaches its final destination. It would be a processor-intensive task for IDS to reassemble all fragments itself, and on a busy system the packet will slip through the IDS onto the network. What is this technique called?

A.

IP Routing or Packet Dropping

B.

IDS Spoofing or Session Assembly

C.

IP Fragmentation or Session Splicing

D.

IP Splicing or Packet Reassembly

Jayden is a network administrator for her company. Jayden wants to prevent MAC spoofing on all the Cisco switches in the network. How can she accomplish this?

A.

Jayden can use the commanD. ip binding set.

B.

Jayden can use the commanD. no ip spoofing.

C.

She should use the commanD. no dhcp spoofing.

D.

She can use the commanD. ip dhcp snooping binding.

This tool is widely used for ARP Poisoning attack. Name the tool.

A.

Cain and Able

B.

Beat Infector

C.

Poison Ivy

D.

Webarp Infector

You receive an e-mail with the following text message.

"Microsoft and HP today warned all customers that a new, highly dangerous virus has been discovered which will erase all your files at midnight. If there's a file called hidserv.exe on your computer, you have been infected and your computer is now running a hidden server that allows hackers to access your computer. Delete the file immediately. Please also pass this message to all your friends and colleagues as soon as possible."

You launch your antivirus software and scan the suspicious looking file hidserv.exe located in c:\windows directory and the AV comes out clean meaning the file is not infected. You view the file signature and confirm that it is a legitimate Windows system file "Human Interface Device Service".

What category of virus is this?

A.

Virus hoax

B.

Spooky Virus

C.

Stealth Virus

D.

Polymorphic Virus

What is the problem with this ASP script (login.asp)?

A.

The ASP script is vulnerable to Cross Site Scripting attack

B.

The ASP script is vulnerable to Session Splice attack

C.

The ASP script is vulnerable to XSS attack

D.

The ASP script is vulnerable to SQL Injection attack

In Trojan terminology, what is required to create the executable file chess.exe as shown below?

A.

Mixer

B.

Converter

C.

Wrapper

D.

Zipper

This type of Port Scanning technique splits TCP header into several packets so that the packet filters are not able to detect what the packets intends to do.

A.

UDP Scanning

B.

IP Fragment Scanning

C.

Inverse TCP flag scanning

D.

ACK flag scanning

An attacker finds a web page for a target organization that supplies contact information for the company. Using available details to make the message seem authentic, the attacker drafts e-mail to an employee on the contact page that appears to come from an individual who might reasonably request confidential information, such as a network administrator.

The email asks the employee to log into a bogus page that requests the employee's user name and password or click on a link that will download spyware or other malicious programming.

Google's Gmail was hacked using this technique and attackers stole source code and sensitive data from Google servers. This is highly sophisticated attack using zero-day exploit vectors, social engineering and malware websites that focused on targeted individuals working for the company.

What is this deadly attack called?

A.

Spear phishing attack

B.

Trojan server attack

C.

Javelin attack

D.

Social networking attack

Stephanie works as a records clerk in a large office building in downtown Chicago. On Monday, she went to a mandatory security awareness class (Security5) put on by her company's IT department. During the class, the IT department informed all employees that everyone's Internet activity was thenceforth going to be monitored.

Stephanie is worried that her Internet activity might give her supervisor reason to write her up, or worse get her fired. Stephanie's daily work duties only consume about four hours of her time, so she usually spends the rest of the day surfing the web. Stephanie really enjoys surfing the Internet but definitely does not want to get fired for it.

What should Stephanie use so that she does not get in trouble for surfing the Internet?

A.

Stealth IE

B.

Stealth Anonymizer

C.

Stealth Firefox

D.

Cookie Disabler

Attackers target HINFO record types stored on a DNS server to enumerate information. These are information records and potential source for reconnaissance. A network administrator has the option of entering host information specifically the CPU type and operating system when creating a new DNS record. An attacker can extract this type of information easily from a DNS server.

Which of the following commands extracts the HINFO record?

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Annie has just succeeded in stealing a secure cookie via a XSS attack. She is able to replay the cookie even while the session is invalid on the server. Why do you think this is possible?

A.

It works because encryption is performed at the application layer (single encryption key)

B.

The scenario is invalid as a secure cookie cannot be replayed

C.

It works because encryption is performed at the network layer (layer 1 encryption)

D.

Any cookie can be replayed irrespective of the session status

Fake Anti-Virus, is one of the most frequently encountered and persistent threats on the web. This malware uses social engineering to lure users into infected websites with a technique called Search Engine Optimization.

Once the Fake AV is downloaded into the user's computer, the software will scare them into believing their system is infected with threats that do not really exist, and then push users to purchase services to clean up the non-existent threats.

The Fake AntiVirus will continue to send these annoying and intrusive alerts until a payment is made.

What is the risk of installing Fake AntiVirus?

A.

Victim's Operating System versions, services running and applications installed will be published on Blogs and Forums

B.

Victim's personally identifiable information such as billing address and credit card details, may be extracted and exploited by the attacker

C.

Once infected, the computer will be unable to boot and the Trojan will attempt to format the hard disk

D.

Denial of Service attack will be launched against the infected computer crashing other machines on the connected network

What port number is used by Kerberos protocol?

A.

88

B.

44

C.

487

D.

419

When comparing the testing methodologies of Open Web Application Security Project (OWASP) and Open Source Security Testing Methodology Manual (OSSTMM) the main difference is

A.

OWASP is for web applications and OSSTMM does not include web applications.

B.

OSSTMM is gray box testing and OWASP is black box testing.

C.

OWASP addresses controls and OSSTMM does not.

D.

OSSTMM addresses controls and OWASP does not.

The use of technologies like IPSec can help guarantee the followinG. authenticity, integrity, confidentiality and

A.

non-repudiation.

B.

operability.

C.

security.

D.

usability.